Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

847 advisories

Loading
Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information... High Unreviewed
CVE-2020-18646 was published May 24, 2022
Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information... High Unreviewed
CVE-2020-18647 was published May 24, 2022
IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the... Moderate Unreviewed
CVE-2021-20488 was published May 24, 2022
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a... Moderate Unreviewed
CVE-2021-22897 was published May 24, 2022
In /proc/net of the kernel filesystem, there is a possible information leak due to a permissions... Moderate Unreviewed
CVE-2019-9475 was published May 24, 2022
In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to... High Unreviewed
CVE-2021-0466 was published May 24, 2022
In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a... Moderate Unreviewed
CVE-2021-0480 was published May 24, 2022
Potential floating point value injection in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26314 was published May 24, 2022
Potential speculative code store bypass in all supported CPU products, in conjunction with... Moderate Unreviewed
CVE-2021-26313 was published May 24, 2022
Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server... Moderate Unreviewed
CVE-2021-27621 was published May 24, 2022
Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions -... Moderate Unreviewed
CVE-2021-27637 was published May 24, 2022
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated... Moderate Unreviewed
CVE-2020-24511 was published May 24, 2022
An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses... High Unreviewed
CVE-2021-22550 was published May 24, 2022
An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted... High Unreviewed
CVE-2021-22549 was published May 24, 2022
An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project... High Unreviewed
CVE-2021-22215 was published May 24, 2022
In VOS and overly permissive "umask" may allow for authorized users of the server to gain... High Unreviewed
CVE-2018-16494 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. Critical Unreviewed
CVE-2021-30190 was published May 24, 2022
Information disclosure in the TeamCity plugin for IntelliJ before 2020.2.2.85899 was possible... Low Unreviewed
CVE-2021-26309 was published May 24, 2022
Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because... High Unreviewed
CVE-2020-28012 was published May 24, 2022
A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an... Moderate Unreviewed
CVE-2021-1438 was published May 24, 2022
Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21210 was published May 24, 2022
Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0... High Unreviewed
CVE-2021-31410 was published May 24, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2021-0232 was published May 24, 2022
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It improperly... Moderate Unreviewed
CVE-2021-31554 was published May 24, 2022
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly... Moderate Unreviewed
CVE-2021-31552 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database